Announcements
DashboardPricingLoginSign-up for free
Back to All

[Security] Dropping support of TLS 1.0 and 1.1 on Dashboard and Management API

over 4 years ago by Olivier Favre

In 2011 SSL v2 was deprecated, followed in 2014 by SSL v3 due to irreparable security flaws.
In 2018 TLS v1.0 and TLS v1.1 have been scheduled for deprecation by Apple, Google, Microsoft, and Mozilla for March 2020.
This leaves us with TLS v1.2 which is already 12 years old, and the latest member of the family, TLS v1.3, which is now 2 years old.
Security is important for us and we’re following the best practices to keep you protected.

Starting 2020-06-17 at 12:00 UTC, we have hence dropped support for the deprecated TLS v1.0 and TLS v1.1 protocols as well as the insecure RSA cypher suites, to support only TLS v1.2 and TLS v1.3 with ECDHE cypher suites.

For the unlucky few that use an outdated setup, take the opportunity to finally upgrade it to this shiny new version you’ve been dreaming for month.
If for whatever reason you happen to be impacted, do not hesitate to contact us using the chat and we’ll work out a solution together. Using a local proxy server that can upgrade your connection without disruption is usually the fastest solution; sometimes you only need a few extra lines of code to explicitly activate existing but disabled TLS v1.2 support in your old SSL library.